[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fuj_b2RoHOR149AoWO03IFqk-sLYvm75nS_5nZUhJoAs":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":35,"analysis":147,"fingerprints":321},"tmx-quote-request-manager","TMX Quote Request Manager","2.0.9","TMX","https:\u002F\u002Fprofiles.wordpress.org\u002Fkunlee\u002F","\u003Cp>\u003Cstrong>Verified quotes, right inside your CMS.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>TMX Quote Request Manager helps newsrooms and content teams collect outside commentary without leaving the editor – and every quote is verified through the secure TMX Messenger app, with FaceID confirmation and complete background checks on all contributors. That means no fake quotes, no questionable sourcing, and no reputational risk – just trusted, original content at the speed of publishing.\u003Cbr \u002F>\nThe plugin adds a simple editor panel so authors can draft a request, submit it directly to the TMX Quote API, and watch verified replies update in real time. TMX has a proven track record in media verification, trusted by top publishers to clear thousands of videos with zero claims lost – now that same standard of trust comes to written quotes.\u003C\u002Fp>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Verified sourcing\u003C\u002Fstrong>: All contributors vetted through background checks and identity-verified with FaceID via the secure TMX Messenger app.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Seamless CMS integration\u003C\u002Fstrong>: Editor metabox and editor-only block to draft requests and view incoming replies.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Real-time replies\u003C\u002Fstrong>: Requests are delivered instantly to verified individuals; responses flow back into the CMS ready to publish.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Enterprise-grade security\u003C\u002Fstrong>: Credentials stored safely in WordPress options, never exposed to the browser.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Scalable management\u003C\u002Fstrong>: Custom database tables (wqrm_requests and wqrm_quotes) reliably track all requests and replies.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Full control\u003C\u002Fstrong>: Per-site API settings, refresh options, and automatic publish notifications.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Service Access\u003C\u002Fh4>\n\u003Cp>TMX Quote Request Manager connects to the TMX Messenger Quote API. Anyone can request access or create an account by visiting \u003Ca href=\"https:\u002F\u002Ftmxmessenger.com\" rel=\"nofollow ugc\">https:\u002F\u002Ftmxmessenger.com\u003C\u002Fa>, where you’ll find onboarding details and plan information. The plugin itself is free; any costs associated with TMX Messenger are managed directly through that service.\u003C\u002Fp>\n\u003Ch4>Editor Block\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Block name: \u003Ccode>wqrm\u002Fquotes-panel\u003C\u002Fcode> (labeled “Quote Requests”).\u003C\u002Fli>\n\u003Cli>Behavior: editor-only – nothing is rendered on the front end.\u003C\u002Fli>\n\u003Cli>Placement: add it to the bottom of your post or to a template. When the block is present, the legacy metabox stays hidden to prevent duplicate markup.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Privacy Notice\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>The plugin transmits drafted quote requests (and site title) to the configured Quote API when you click \u003Cstrong>Send Request\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>The plugin transmits the post permalink to the configured Quote API when you click \u003Cstrong>Publish\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>If the “Prepopulate quote request” setting is enabled, the overlay prefill provider also sends the post title and site name to the API’s \u003Ccode>\u002Fquote-draft\u003C\u002Fcode> endpoint to help your team track in-progress stories. Disable the setting under \u003Cstrong>Quotes \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Settings\u003C\u002Fstrong> if you do not want any automatic sharing.\u003C\u002Fli>\n\u003Cli>Incoming replies may contain personal data (name, organisation, email). They are stored in WordPress custom tables until you delete them. The plugin currently relies on site owners to fulfil export\u002Ferase requests manually using the \u003Cstrong>Quotes\u003C\u002Fstrong> screen.\u003C\u002Fli>\n\u003C\u002Ful>\n","The trusted standard in media verification - now built into your CMS, securing every written quote you publish.",0,159,"2025-10-08T03:02:00.000Z","6.8.5","6.8","8.1",[18,19,20,21,22],"editorial-workflow","media-relations","newsroom","quotes","requests","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftmx-quote-request-manager.2.0.9.zip",100,null,"2026-03-15T15:16:48.613Z",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"kunlee",1,30,94,"2026-04-03T19:22:16.224Z",[36,59,82,106,127],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":11,"downloaded":44,"rating":11,"num_ratings":11,"last_updated":45,"tested_up_to":46,"requires_at_least":47,"requires_php":48,"tags":49,"homepage":54,"download_link":55,"security_score":56,"vuln_count":57,"unpatched_count":31,"last_vuln_date":58,"fetched_at":27},"dealia-request-a-quote","Dealia – Request a quote","1.0.8","dealia","https:\u002F\u002Fprofiles.wordpress.org\u002Fdealia\u002F","\u003Cp>Add Request a Quote (RFQ) button anywhere to your website, assign custom-made forms and get quote requests from your website. Send quote requests and negotiate the price via Dealia Negotiation Panel. Get paid instantly once the quote is accepted.\u003C\u002Fp>\n\u003Cp>-Eliminate manual work and assign a Request a Quote button in bulk to the products of your choice.\u003Cbr \u002F>\n-Spend much less time on preparing and sending the quotes.\u003Cbr \u002F>\n-Make the quoting process easier and let your customers comfortably accept, reject or counteroffer once the quote is received.\u003Cbr \u002F>\n-Get feedback from your customers once you negotiate so you can adjust your quote accordingly and win more deals.\u003Cbr \u002F>\n-Create and design an unlimited number of forms that match your branding colours.\u003Cbr \u002F>\n-Get paid instantly after the deal is made via automatic PayPal payment.\u003C\u002Fp>\n\u003Cp>Dealia operates as a SaaS platform and requires an account registered with Dealia.com . Please check the Terms of Use with the following link: https:\u002F\u002Fdealia.com\u002Fterms. The service is currently free of charge. For more pricing information, please check: https:\u002F\u002Fdealia.com\u002Fpricing\u003C\u002Fp>\n\u003Cp>Please note that our platform collects the user data. We collect information about your posts and pages, products (WooCommerce), quote requests and quotes. We’ll always keep your data safe, secure and only use what we need. We don’t sell your data to any 3rd parties.\u003C\u002Fp>\n","Dealia is a quote management platform that allows to receive quote requests directly from your website, negotiate prices and make stress-free deals.",196,"2026-02-18T17:38:00.000Z","6.9.4","6.0","7.4",[50,51,52,21,53],"forms","get-a-quote-button","manage-quote-requests","request-a-quote","https:\u002F\u002Fdealia.com\u002Fdealia-wordpress.zip","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdealia-request-a-quote.1.0.8.zip",76,2,"2026-02-18 21:07:11",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":48,"tags":74,"homepage":80,"download_link":81,"security_score":69,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"wp-typography","wp-Typography","5.11.0","pepe","https:\u002F\u002Fprofiles.wordpress.org\u002Fpputzer\u002F","\u003Cp>Improve your web typography with:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Hyphenation &mdash; \u003Ca href=\"https:\u002F\u002Fcode.mundschenk.at\u002Fwp-typography\u002Ffrequently-asked-questions\u002F#faq-what-hyphenation-language-patterns-are-included\" rel=\"nofollow ugc\">over 70 languages supported\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Space control, including:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>widow protection\u003C\u002Fli>\n\u003Cli>gluing values to units\u003C\u002Fli>\n\u003Cli>forced internal wrapping of long URLs & email addresses\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Intelligent character replacement, including smart handling of:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>quote marks\u003C\u002Fli>\n\u003Cli>dashes\u003C\u002Fli>\n\u003Cli>ellipses\u003C\u002Fli>\n\u003Cli>trademarks, copyright & service marks\u003C\u002Fli>\n\u003Cli>math symbols\u003C\u002Fli>\n\u003Cli>fractions\u003C\u002Fli>\n\u003Cli>ordinal suffixes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>CSS hooks for styling:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>ampersands,\u003C\u002Fli>\n\u003Cli>uppercase words,\u003C\u002Fli>\n\u003Cli>numbers,\u003C\u002Fli>\n\u003Cli>initial quotes & guillemets.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Improve your web typography with: hyphenation, space control, intelligent character replacement, and CSS hooks.",20000,522763,92,70,"2025-02-23T17:45:00.000Z","6.7.5","6.6",[75,76,77,78,79],"hyphenation","smart-quotes","typography","typogrify","widows","https:\u002F\u002Fcode.mundschenk.at\u002Fwp-typography\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-typography.5.11.0.zip",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":90,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":23,"tags":97,"homepage":103,"download_link":104,"security_score":105,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"wp-disable","Reduce HTTP Requests, Disable Emojis & Disable Embeds, Speedup WooCommerce","1.6.1","hosting.io","https:\u002F\u002Fprofiles.wordpress.org\u002Fpigeonhut\u002F","\u003Cp>\u003Cstrong>Reduce HTTP requests\u003C\u002Fstrong> – Disable Emojis, Disable Gravatars, Disable Embeds and Remove Querystrings. SpeedUp WooCommerce, Added support to disable pingbacks, disable trackbacks, close comments after 28 days, Added the ability to force pagingation after 20 posts,\u003Cbr \u002F>\nDisable WooCommerce scripts and CSS on non WooCommerce Pages, Disable RSS, Disable XML-RPC, Disable Autosave, Remove Windows Live Writer tag, Remove Shortlink Tag, Remove WP API from header and\u003Cbr \u002F>\n many more features to help speed and SEO gains.  Now includes \u003Cstrong>Disable Comments, Heartbeat Control, Selective Disable\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003C\u002Fstrong>\u003Cstrong>NEW Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n Better Stats on Dashboard\u003Cbr \u002F>\n Disable loading dashicons on front end if admin bar disabled\u003Cbr \u002F>\n Disable Author Pages\u003C\u002Fp>\n\u003Cp>Disabling Emojis does not disable emoticons, it disables the support for Emojis added since WP 4.2 and removes 1 HTTP request.\u003C\u002Fp>\n\u003Cp>Disabling Embeds  – script that auto formats pasted content in the visual editor, eg videos, etc. Big issue with this script is it loads on every\u003Cbr \u002F>\nsingle page. You can still use the default embed code from YouTube, Twitter etc to included content.\u003C\u002Fp>\n\u003Cp>Remove Query Strings: If you look at the waterfall view of your page load, you will see your query strings end in something like ver=1.12.4.\u003Cbr \u002F>\nThese are called query strings and help determine the version of the script. The problem with query strings like these is that it isn’t very efficient for caching purposes and sometimes prevents caching those assets altogether.  If you are using a CDN already, you can ignore this.\u003C\u002Fp>\n\u003Cp>Disabling Gravatars is completely optional, advise, if you don’t use them, disable as it gets rid of one more useless HTTP request.\u003C\u002Fp>\n\u003Cp>General Performance improvements: Added support for : disable ping\u002Ftrackbacks, close comments after 28 days, force pagingation after 20 posts, Disable WooCommerce scripts and CSS on non WooCommerce Pages.\u003C\u002Fp>\n\u003Cp>Have an idea ?\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fhosting-io\u002Fwp-disable\" rel=\"nofollow ugc\">Public repo on GitHub\u003C\u002Fa> if you would like to contribute or have any ideas to add.\u003C\u002Fp>\n\u003Cp>Docs & Support\u003Cbr \u002F>\nThe \u003Ca href=\"https:\u002F\u002Foptimisation.io\u002Ffaq\u002F\" rel=\"nofollow ugc\">documentation is an on-going project\u003C\u002Fa>, so please bare with us as we update.  If you would like to help with the documentation, please get in touch.\u003C\u002Fp>\n","Reduce HTTP requests - Disable Emojis, Disable Gravatars, Disable Embeds and Remove Querystrings. SpeedUp WooCommerce, Added support to disable pingba &hellip;",10000,309866,82,45,"2020-08-09T07:42:00.000Z","5.3.21","4.5",[98,99,100,101,102],"disable-embeds","disable-emoji","disable-gravatars","reduce-http-requests","remove-querystrings","https:\u002F\u002Foptimisation.io","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-disable.1.6.1.zip",85,{"slug":107,"name":108,"version":109,"author":110,"author_profile":111,"description":112,"short_description":113,"active_installs":114,"downloaded":115,"rating":116,"num_ratings":117,"last_updated":118,"tested_up_to":46,"requires_at_least":119,"requires_php":48,"tags":120,"homepage":125,"download_link":126,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"edit-flow","Edit Flow","0.10.3","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>Edit Flow empowers you to collaborate with your editorial team inside WordPress. We’ve made it modular so you can customize it to your needs:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Feditflow.org\u002Ffeatures\u002Fcalendar\u002F\" rel=\"nofollow ugc\">Calendar\u003C\u002Fa> – A convenient month-by-month look at your content.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Feditflow.org\u002Ffeatures\u002Fcustom-statuses\u002F\" rel=\"nofollow ugc\">Custom Statuses\u003C\u002Fa> – Define the key stages to your workflow.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Feditflow.org\u002Ffeatures\u002Feditorial-comments\u002F\" rel=\"nofollow ugc\">Editorial Comments\u003C\u002Fa> – Threaded commenting in the admin for private discussion between writers and editors.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Feditflow.org\u002Ffeatures\u002Feditorial-metadata\u002F\" rel=\"nofollow ugc\">Editorial Metadata\u003C\u002Fa> – Keep track of the important details.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Feditflow.org\u002Ffeatures\u002Fnotifications\u002F\" rel=\"nofollow ugc\">Notifications\u003C\u002Fa> – Receive timely updates on the content you’re following.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Feditflow.org\u002Ffeatures\u002Fstory-budget\u002F\" rel=\"nofollow ugc\">Story Budget\u003C\u002Fa> – View your upcoming content budget.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Feditflow.org\u002Ffeatures\u002Fuser-groups\u002F\" rel=\"nofollow ugc\">User Groups\u003C\u002Fa> – Keep your users organized by department or function.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>More details for each feature, screenshots and documentation can be found on \u003Ca href=\"http:\u002F\u002Feditflow.org\u002F\" rel=\"nofollow ugc\">our website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>We’d love to hear from you! For support questions, feedback and ideas, please use the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Ftags\u002Fedit-flow?forum_id=10\" rel=\"ugc\">WordPress.org forums\u003C\u002Fa>, which we look at often. If you’d like to contribute code, \u003Ca href=\"http:\u002F\u002Feditflow.org\u002Fcontribute\u002F\" rel=\"nofollow ugc\">we’d love to have you involved\u003C\u002Fa>.\u003C\u002Fp>\n","Redefining your editorial workflow.",5000,476060,84,50,"2026-01-12T16:08:00.000Z","6.4",[121,122,123,20,124],"custom-status","editorial","editorial-calendar","workflow","http:\u002F\u002Feditflow.org\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fedit-flow.0.10.3.zip",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":69,"num_ratings":137,"last_updated":138,"tested_up_to":46,"requires_at_least":96,"requires_php":48,"tags":139,"homepage":23,"download_link":144,"security_score":145,"vuln_count":57,"unpatched_count":11,"last_vuln_date":146,"fetched_at":27},"quotes-for-woocommerce","Quotes for WooCommerce","2.12","pinal.shah","https:\u002F\u002Fprofiles.wordpress.org\u002Fpinalshah\u002F","\u003Cp>Plugins required:\u003C\u002Fp>\n\u003Col>\n\u003Cli>WooCommerce 4.0 or higher\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Want to convert your WooCommerce store into a Quote only program? This plugin allows the admin to hide the prices and modify the Add to Cart button to ‘Request Quote’.\u003C\u002Fp>\n\u003Cp>No payment is taken at Checkout. The prices for the product can be setup in the WooCommerce->Orders page and once a quote is finalized, the plugin will send an email to the end user notifying the same.\u003C\u002Fp>\n\u003Cp>The users can then make the payments using the link in the email or the My Accounts page.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What will the Quotes plugin help you achieve?\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Customize pricing for each order to meet individual customer needs.\u003C\u002Fli>\n\u003Cli>Offer payment flexibility by not taking payment at checkout for quote requests.\u003C\u002Fli>\n\u003Cli>Manage quoting process easily with one-click enable\u002Fdisable option for all products.\u003C\u002Fli>\n\u003Cli>Enhance customer experience and attract new customers with personalized quotes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Unlock Advanced Features for Enhanced Quoting and Sales Management using the \u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fquotes-for-woocommerce-pro\u002F\" rel=\"nofollow ugc\">Premium Version\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enable quotes for only some products in the store.\u003C\u002Fli>\n\u003Cli>Allow quote and purchasable products in a single cart.\u003C\u002Fli>\n\u003Cli>Enable quotes for select variations of a product\u003C\u002Fli>\n\u003Cli>Automatically enable quotes based on item quantity for each product.\u003C\u002Fli>\n\u003Cli>Customize quote button display based on WordPress User Roles\u003C\u002Fli>\n\u003Cli>Seamlessly process both regular orders and quote requests for all products\u003C\u002Fli>\n\u003Cli>Automatically activate quoting for out-of-stock products\u003C\u002Fli>\n\u003Cli>Streamline communication with automated quote emails\u003C\u002Fli>\n\u003Cli>Centralize quote management on a unified page for efficiency\u003C\u002Fli>\n\u003Cli>Convert quote requests to WooCommerce orders with a single click\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Enable simultaneous quote requests and orders\u003C\u002Fstrong>\u003Cbr \u002F>\nEnable the Request Quote form with a single click. This adds a Request Quote button on single product pages and the standard WooCommerce Add to Cart button.\u003C\u002Fp>\n\u003Cp>With both buttons available, customers can make quotation requests and purchase products simultaneously.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Take quotations for back-ordered products\u003C\u002Fstrong>\u003Cbr \u002F>\nSet up Quotes for WooCommerce Pro to automatically enable quotes for a product as soon as the stock quantity reaches zero. Reach out to the user when the product is back in stock with a quotation email.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwoocommerce.com\u002Fproducts\u002Fquotes-for-woocommerce-pro\u002F\" rel=\"nofollow ugc\">Quotes for WooCommerce Pro\u003C\u002Fa> | \u003Ca href=\"mailto:support@technovama.com\" rel=\"nofollow ugc\">Support Helpdesk\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Effortlessly manage wholesale and retail customers\u003C\u002Fstrong>\u003Cbr \u002F>\nCater to wholesale and retail customers by enabling quotations based on user roles. The extension allows you to replace the Add to Cart button with the Request Quote button based on user roles.\u003C\u002Fp>\n\u003Cp>You can enable wholesale customer quotes while allowing retail users to place a normal WooCommerce order for the same products using WordPress user roles.\u003C\u002Fp>\n","This plugin allows the site admin the ability to accept quote requests for products. Prices can be hidden. No payments will be taken at Checkout.",4000,102936,61,"2026-03-06T06:30:00.000Z",[140,141,21,142,143],"hide-price","proposals","woocommerce","woocommerce-request-quote","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fquotes-for-woocommerce.2.12.zip",99,"2023-11-30 00:00:00",{"attackSurface":148,"codeSignals":208,"taintFlows":283,"riskAssessment":307,"analyzedAt":320},{"hooks":149,"ajaxHandlers":186,"restRoutes":203,"shortcodes":204,"cronEvents":205,"entryPointCount":206,"unprotectedCount":207},[150,156,160,163,167,172,176,181],{"type":151,"name":152,"callback":153,"file":154,"line":155},"action","add_meta_boxes","register_meta_box","includes\\admin.php",40,{"type":151,"name":157,"callback":158,"file":154,"line":159},"admin_enqueue_scripts","enqueue_assets",41,{"type":151,"name":161,"callback":162,"file":154,"line":117},"admin_menu","register_admin_pages",{"type":151,"name":164,"callback":165,"file":154,"line":166},"admin_init","register_settings",51,{"type":151,"name":168,"callback":169,"priority":170,"file":154,"line":171},"transition_post_status","maybe_notify_on_publish",10,54,{"type":151,"name":173,"callback":174,"priority":170,"file":154,"line":175},"wp_after_insert_post","on_draft_save",57,{"type":151,"name":177,"callback":178,"file":179,"line":180},"init","register","includes\\block.php",13,{"type":151,"name":182,"callback":183,"file":184,"line":185},"plugins_loaded","closure","tmx-quote-request-manager.php",47,[187,192,195,199],{"action":188,"nopriv":189,"callback":190,"hasNonce":189,"hasCapCheck":189,"file":154,"line":191},"wqrm_submit_request",false,"ajax_submit_request",44,{"action":193,"nopriv":189,"callback":194,"hasNonce":189,"hasCapCheck":189,"file":154,"line":93},"wqrm_get_post_data","ajax_get_post_data",{"action":196,"nopriv":189,"callback":197,"hasNonce":189,"hasCapCheck":189,"file":154,"line":198},"wqrm_poll_post_requests","ajax_poll_post_requests",46,{"action":200,"nopriv":189,"callback":201,"hasNonce":202,"hasCapCheck":202,"file":154,"line":185},"wqrm_generate_prefill","ajax_generate_prefill",true,[],[],[],4,3,{"dangerousFunctions":209,"sqlUsage":210,"outputEscaping":219,"fileOperations":11,"externalRequests":206,"nonceChecks":207,"capabilityChecks":211,"bundledLibraries":282},[],{"prepared":211,"raw":57,"locations":212},7,[213,217],{"file":214,"line":215,"context":216},"includes\\db.php",78,"$wpdb->query() with variable interpolation",{"file":214,"line":218,"context":216},81,{"escaped":220,"rawEcho":32,"locations":221},63,[222,225,227,229,231,233,234,236,238,240,242,244,246,248,250,252,254,256,258,260,262,264,266,268,270,272,274,276,278,280],{"file":154,"line":223,"context":224},126,"raw output",{"file":154,"line":226,"context":224},139,{"file":154,"line":228,"context":224},142,{"file":154,"line":230,"context":224},151,{"file":154,"line":232,"context":224},153,{"file":154,"line":12,"context":224},{"file":154,"line":235,"context":224},397,{"file":154,"line":237,"context":224},399,{"file":154,"line":239,"context":224},400,{"file":154,"line":241,"context":224},416,{"file":154,"line":243,"context":224},417,{"file":154,"line":245,"context":224},421,{"file":154,"line":247,"context":224},422,{"file":154,"line":249,"context":224},424,{"file":154,"line":251,"context":224},425,{"file":154,"line":253,"context":224},427,{"file":154,"line":255,"context":224},431,{"file":154,"line":257,"context":224},432,{"file":154,"line":259,"context":224},435,{"file":154,"line":261,"context":224},436,{"file":154,"line":263,"context":224},457,{"file":154,"line":265,"context":224},468,{"file":154,"line":267,"context":224},469,{"file":154,"line":269,"context":224},470,{"file":154,"line":271,"context":224},471,{"file":154,"line":273,"context":224},472,{"file":154,"line":275,"context":224},473,{"file":154,"line":277,"context":224},474,{"file":154,"line":279,"context":224},477,{"file":154,"line":281,"context":224},488,[],[284],{"entryPoint":285,"graph":286,"unsanitizedCount":11,"severity":306},"\u003Cadmin> (includes\\admin.php:0)",{"nodes":287,"edges":303},[288,293,297],{"id":289,"type":290,"label":291,"file":154,"line":292},"n0","source","$_POST",256,{"id":294,"type":295,"label":296,"file":154,"line":292},"n1","transform","→ get_requests_by_post()",{"id":298,"type":299,"label":300,"file":214,"line":301,"wp_function":302},"n2","sink","get_results() [SQLi]",117,"get_results",[304,305],{"from":289,"to":294,"sanitized":189},{"from":294,"to":298,"sanitized":202},"low",{"summary":308,"deductions":309},"The tmx-quote-request-manager plugin version 2.0.9 exhibits a mixed security posture. On the positive side, there are no known historical vulnerabilities (CVEs) and the taint analysis found no critical or high severity issues, indicating that at least some common attack vectors are likely mitigated. The plugin also makes good use of prepared statements for SQL queries and has a high percentage of properly escaped outputs, which are important security practices.\n\nHowever, the plugin presents significant concerns regarding its attack surface. Out of four identified AJAX handlers, three lack authentication checks. This is a substantial risk, as it potentially allows unauthenticated users to trigger plugin functionality that could be exploited. While there are a decent number of capability checks, their absence on multiple AJAX endpoints leaves them vulnerable to unauthorized access. The plugin's vulnerability history is also clean, which is positive, but doesn't negate the immediate risks identified in the static analysis.\n\nIn conclusion, while the plugin demonstrates good practices in areas like SQL and output handling, the unprotected AJAX endpoints are a critical weakness. The lack of authentication on these entry points significantly increases the attack surface and potential for exploitation, outweighing the positive aspects of its historical security record and internal code quality in certain areas.",[310,313,316,318],{"reason":311,"points":312},"3 unprotected AJAX handlers",15,{"reason":314,"points":315},"Low percentage of protected AJAX handlers",5,{"reason":317,"points":207},"78% SQL prepared statements (implies 22% not)",{"reason":319,"points":315},"68% properly escaped outputs (implies 32% not)","2026-03-17T07:31:10.607Z",{"wat":322,"direct":331},{"assetPaths":323,"generatorPatterns":326,"scriptPaths":327,"versionParams":328},[324,325],"\u002Fwp-content\u002Fplugins\u002Ftmx-quote-request-manager\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Ftmx-quote-request-manager\u002Fassets\u002Fjs\u002Fmeta-box.js",[],[325],[329,330],"tmx-quote-request-manager\u002Fassets\u002Fcss\u002Fadmin.css?ver=","tmx-quote-request-manager\u002Fassets\u002Fjs\u002Fmeta-box.js?ver=",{"cssClasses":332,"htmlComments":340,"htmlAttributes":343,"restEndpoints":346,"jsGlobals":351,"shortcodeOutput":353},[333,334,335,336,337,338,339],"wqrm-meta-box","wqrm-loading-overlay","wqrm-message","wqrm-status-error","wqrm-status-success","wqrm-no-results","wqrm-prefill-wrapper",[341,342],"\u003C!-- Generated by TMX Quote Request Manager -->","\u003C!-- Intercept draft saves to prefill request text -->",[344,345],"data-wqrm-post-id","data-wqrm-post-title",[347,348,349,350],"\u002Fwp-json\u002Fwqrm\u002Fv1\u002Fget-post-data","\u002Fwp-json\u002Fwqrm\u002Fv1\u002Fsubmit-request","\u002Fwp-json\u002Fwqrm\u002Fv1\u002Fpoll-requests","\u002Fwp-json\u002Fwqrm\u002Fv1\u002Fgenerate-prefill",[352],"WQRM",[]]